From f1a9da658df90746d49348b28d263809e77ae52b Mon Sep 17 00:00:00 2001 From: Rolf Fokkens Date: Tue, 30 Jul 2019 12:18:21 +0200 Subject: [PATCH 1/3] Allow to disable display fall name as part of SMS reset --- conf/config.inc.php | 2 ++ pages/sendsms.php | 12 +++++++----- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/conf/config.inc.php b/conf/config.inc.php index 8fc191d8a..c9ecbec2b 100644 --- a/conf/config.inc.php +++ b/conf/config.inc.php @@ -222,6 +222,8 @@ $sms_attribute = "mobile"; # Partially hide number $sms_partially_hide_number = true; +# Display full name +$sms_display_full_name = true; # Send SMS mail to address $smsmailto = "{sms_attribute}@service.provider.com"; # Subject when sending email to SMTP to SMS provider diff --git a/pages/sendsms.php b/pages/sendsms.php index 90597625b..5a28dd0cf 100644 --- a/pages/sendsms.php +++ b/pages/sendsms.php @@ -329,12 +329,14 @@
-
- -
-

+ +
+ +
+

+
-
+
From c6b1c8f712288b6e6dd77e54d1be79e7a29402f5 Mon Sep 17 00:00:00 2001 From: Rolf Fokkens Date: Tue, 30 Jul 2019 12:34:09 +0200 Subject: [PATCH 2/3] Allow static password policy text instead of rendered one --- conf/config.inc.php | 3 +++ index.php | 1 + lib/functions.inc.php | 34 ++++++++++++++++++++++------------ 3 files changed, 26 insertions(+), 12 deletions(-) diff --git a/conf/config.inc.php b/conf/config.inc.php index c9ecbec2b..9367fdf9f 100644 --- a/conf/config.inc.php +++ b/conf/config.inc.php @@ -120,6 +120,9 @@ # above - the form # below - the form $pwd_show_policy_pos = "above"; +# Use statically formulated policy +# instead of dynamically generated one +#$pwd_static_policy = "conf/policy.inc.html"; # disallow use of the only special character as defined in `$pwd_special_chars` at the beginning and end $pwd_no_special_at_ends = false; diff --git a/index.php b/index.php index 10a4a40d4..c7f26d8c6 100644 --- a/index.php +++ b/index.php @@ -140,6 +140,7 @@ "pwd_no_reuse" => $pwd_no_reuse, "pwd_diff_login" => $pwd_diff_login, "pwd_complexity" => $pwd_complexity, + "pwd_static_policy" => $pwd_static_policy, "use_pwnedpasswords" => $use_pwnedpasswords, "pwd_no_special_at_ends" => $pwd_no_special_at_ends ); diff --git a/lib/functions.inc.php b/lib/functions.inc.php index a3eb0bbfc..99a0bd0ac 100644 --- a/lib/functions.inc.php +++ b/lib/functions.inc.php @@ -177,22 +177,32 @@ function show_policy( $messages, $pwd_policy_config, $result ) { if ( !preg_match( "/tooshort|toobig|minlower|minupper|mindigit|minspecial|forbiddenchars|sameasold|notcomplex|sameaslogin|pwned|specialatends/" , $result) ) { return; } } + if ( isset( $pwd_static_policy ) ) { + $fp = fopen ($pwd_static_policy, 'rb'); + } else { + $fp = FALSE; + } + # Display bloc echo "
\n"; echo "

".$messages["policy"]."

\n"; echo "
    \n"; - if ( $pwd_min_length ) { echo "
  • ".$messages["policyminlength"] ." $pwd_min_length
  • \n"; } - if ( $pwd_max_length ) { echo "
  • ".$messages["policymaxlength"] ." $pwd_max_length
  • \n"; } - if ( $pwd_min_lower ) { echo "
  • ".$messages["policyminlower"] ." $pwd_min_lower
  • \n"; } - if ( $pwd_min_upper ) { echo "
  • ".$messages["policyminupper"] ." $pwd_min_upper
  • \n"; } - if ( $pwd_min_digit ) { echo "
  • ".$messages["policymindigit"] ." $pwd_min_digit
  • \n"; } - if ( $pwd_min_special ) { echo "
  • ".$messages["policyminspecial"] ." $pwd_min_special
  • \n"; } - if ( $pwd_complexity ) { echo "
  • ".$messages["policycomplex"] ." $pwd_complexity
  • \n"; } - if ( $pwd_forbidden_chars ) { echo "
  • ".$messages["policyforbiddenchars"] ." $pwd_forbidden_chars
  • \n"; } - if ( $pwd_no_reuse ) { echo "
  • ".$messages["policynoreuse"] ."\n"; } - if ( $pwd_diff_login ) { echo "
  • ".$messages["policydifflogin"] ."\n"; } - if ( $use_pwnedpasswords ) { echo "
  • ".$messages["policypwned"] ."\n"; } - if ( $pwd_no_special_at_ends ) { echo "
  • ".$messages["policyspecialatends"] ."
  • \n"; } + if ($fp) { + fpassthru($fp); + } else { + if ( $pwd_min_length ) { echo "
  • ".$messages["policyminlength"] ." $pwd_min_length
  • \n"; } + if ( $pwd_max_length ) { echo "
  • ".$messages["policymaxlength"] ." $pwd_max_length
  • \n"; } + if ( $pwd_min_lower ) { echo "
  • ".$messages["policyminlower"] ." $pwd_min_lower
  • \n"; } + if ( $pwd_min_upper ) { echo "
  • ".$messages["policyminupper"] ." $pwd_min_upper
  • \n"; } + if ( $pwd_min_digit ) { echo "
  • ".$messages["policymindigit"] ." $pwd_min_digit
  • \n"; } + if ( $pwd_min_special ) { echo "
  • ".$messages["policyminspecial"] ." $pwd_min_special
  • \n"; } + if ( $pwd_complexity ) { echo "
  • ".$messages["policycomplex"] ." $pwd_complexity
  • \n"; } + if ( $pwd_forbidden_chars ) { echo "
  • ".$messages["policyforbiddenchars"] ." $pwd_forbidden_chars
  • \n"; } + if ( $pwd_no_reuse ) { echo "
  • ".$messages["policynoreuse"] ."\n"; } + if ( $pwd_diff_login ) { echo "
  • ".$messages["policydifflogin"] ."\n"; } + if ( $use_pwnedpasswords ) { echo "
  • ".$messages["policypwned"] ."\n"; } + if ( $pwd_no_special_at_ends ) { echo "
  • ".$messages["policyspecialatends"] ."
  • \n"; } + } echo "
\n"; echo "
\n"; } From 7ea4c4584066c7a8935709b2b6d0989e3147c6de Mon Sep 17 00:00:00 2001 From: Rolf Fokkens Date: Tue, 30 Jul 2019 12:35:11 +0200 Subject: [PATCH 3/3] Handle being behind a reverse proxy --- pages/sendtoken.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pages/sendtoken.php b/pages/sendtoken.php index bb3d872ab..13e8aa07c 100644 --- a/pages/sendtoken.php +++ b/pages/sendtoken.php @@ -177,6 +177,10 @@ $server_port = $_SERVER['SERVER_PORT']; $script_name = $_SERVER['SCRIPT_NAME']; + # Handle being behind revproxy + if ( $_SERVER['HTTP_X_FORWARDED_PROTO'] == "https" ) { $method .= "s"; } + if ( isset($_SERVER['HTTP_X_FORWARDED_PORT']) ) { $server_port = $_SERVER['HTTP_X_FORWARDED_PORT']; } + # Force server port if non standard port if ( ( $method === "http" and $server_port != "80" ) or ( $method === "https" and $server_port != "443" )